Augmented Reality and Privacy

An anonymous reader recommends a piece up at Augmented Planet that makes a couple of points about privacy in the realm of geotagging and augmented reality that haven't been discussed much. First, once you geotag and upload, say, a photo to the Net you can lose ownership over the data and especially its metadata. Second, data on the Net is long-lived and might be put together in ways you wouldn't like, long after it was created. "If you geotag a picture with your new 50" plasma TV in the background and upload it to the Web, congratulations you have just told everyone where you live and what you have of value. The web has a long memory — geotag something today and in six months it is still on the Web. When you tweet from the beach in Barbados telling your friends you are away for 2 weeks, that picture of your 50" plasma will still be out there along with its location. It's easy to track down someone's home address if you have their real name." The submitter adds, "I never really cared about my online privacy too much. This article made me think seriously about privacy for the first time. No mean feat."

1. memorize a fake birthday

[circletimessquare]

2. keep all online family pictures private, behind a password

it always amazes me to find online profiles with birthdays and family member's photos: there's your mother's maiden name and your birthday on full display or a few clicks away, handy for opening new credit cards in your name

Avatar

[warren.oates]

I haven't used my real name anywhere on the Internet in about ten years.

Re:Avatar

[indre1]

That's called paranoia man.

No, it's called "paranoia".

[Toy G]

Not everyone suffers from paranoia.

There is nothing wrong with uploading a bit of metadata about you here and there, the problem is when it becomes highly visible, which is the case with "augmented reality" systems (where the entire point is *seeing metadata*).

"...and especially its metadata."

[Anonymous Coward]

What on earth does this mean? "Lose ownership of the metadata inside a photo"? Does the author even know what he/she is talking about?

I don't exactly fear "losing the rights" to the metadata contained in the jpegs I spread around the web: shutter speed/focal length info, the camera source info, eventual embedded ICC profile, width/height info etc.

My god, the idiocy.

Re:Avatar

[Ethanol-fueled]

That's called paranoia man.

That's called foresight, man.

Nobody gives a shit about you

[RiotingPacifist]

Nobody reads your twitter, nobody follows your flicker account and no 2bit criminal is going to do both when i can just drive round the block and see your curtains haven't changed states in the last 3 days. There are reasons to care about your privacy, future blackmail, employer searching for you, etc, but nobody reading you (mirco)blog is going to steal your TV.

Re:Nobody gives a shit about you

[thefirelane]

You realize, there is a reason that they don't immediately release the names of disaster victims right? It's so the surviving family members can secure their property as criminals will find their address and break in. I imagine this also would be exploited.

I had TWO attemped burglaries in my life

[SmallFurryCreature]

BOTH happened when I was at home and there was clear activity. One in the morning, busy getting ready and suddenly someone was in the kitchen who ran out.

Other time 3 people tried to climb on the balcony while 4 people were in the house.

The fast majority of crime in holland is committed by imigrants (don't bother telling me otherwise, all attempts were made by dark-skinned people) who have the combined IQ of a raisin.

/. nerds come up with all kinds of clever tricks to steal things, that is not how criminals do it. Brutality and a surety that the legal system has been gutted makes them attempt break ins where there is no point because they want cash now. Planning... that just doesn't feature. It is opportunity crime, when you are home, you got doors and windows unlocked, when you are away, you double bolt everything.

Mythbusters had a few of those Mission Impossible style break in attempts, meanwhile the biggest diamond heist that really happened, just involved driving up, loading the bags and driving away. No complex stuff, no sci-fi. Just the arrogance to think you can get away with it, and you often can. And when you don't, the law has so little change to catch you, it is worth the risk (conviction rate in Holland is less then 10% of REPORTED crimes, only a fraction of crimes are known to be reported, so do the math).

Do you really think a criminal who is going to sell your new plasma for at most a 100 dollars (think about it, even if you buy blackmarket, you want a box, you steal TV's from the warehous factory, not somebodies house) is going to bother keeping track of potential photo's that might show a plasma you had then and corrolate that with when you CLAIM to be away?

Real burglars just walk past and LOOK. And they are a hell of lot more interested in a place that is dark where they can get inside very quickly and away very quickly. And even then, what are they going to do with a 50inch plasma screen? Takes ages to unplug, get off the wall, into a car and then you got what? A 2nd hand tv. Oh yeah, fences pay big bucks for that.

I swear slashdot is the nerds fox news. You know those jokes:

amount of pedophiles in the entire world: -

amount of pedophiles on myspace according to Fox: AAAAAAAAAAAAAAAAAAAAAAA broken up because of crap filter AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

Slashdot is like that with privacy

Real world criminals tracking you: -

Criminals tracking you according to the privacy crazies on /.: AAAAAAAAAAAAAAAAAAAAAAA broken up because of crap filter AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

It is like the crappy filter /. uses: Real spam stopped 0. Jokes and valid points ruined: zillion.

Re:easy way to generate a fake birthday:

[Eivind]

The insanity isn't there.

The insanity is in assuming that if a unknown person knows the name and birthday of a certain individual and his mother, then that is proof positive that he IS that person. By that logic, I am a dozen different people. It's just nonsense, pure and simple. Allowing a new line of credit to be opened on such skimpy information is grossly incompetent, and should result in the automatic assumption that the organization doing so is responsible for any and all losses resulting from their neglience.

If I want to open a new account here, I need either a digital signature (yes, one that uses two-factor authenthication to ensure I'm me), or I need to physically go to the post to pick up the card -- the post will then demand I present an actually valid ID before they give it to me. (a service they charge for, and call "verified recipient")

Re:1. memorize a fake birthday

[dintlu]

This does not indemnify you against information uploaded by unwitting friends, relatives, acquaintances, or colleagues. The more people come to rely on the internet as a venue for socializing, the less control any individual will have over their personal information or their privacy. As information collecting becomes more automated, AR will become more useful and hence more commonplace, possibly bringing some of the issues raised by the article to the fore.

I think it's important to recognize that even though AR introduces additional risks to *your* security and privacy, it has the exact same effect on a *criminal's* security and privacy. I'll throw a hypothetical scenario out there - say you enabled a service at the supermarket that automatically emails you a copy of your receipt whenever you make a purchase. If your identity thief makes a purchase at one of these supermarkets, you have an incriminating email containing unrecognizable foodstuffs and a credit account you never opened, which can be used to spearhead an investigation pulling CCTV footage from that supermarket to compare to a facial recognition database, resulting in the identification and arrest of the identity thief.

Given this scenario, I think that rather than rebel against the erosion of our privacy, we need to accept that privacy in its current incarnation will never exist again, and instead work towards ensuring that no single group of people is allowed to exempt themselves or abuse this new information.

Re:I had TWO attemped burglaries in my life

[Jah-Wren Ryel]

I had TWO attemped burglaries in my life...
The fast majority of crime in holland is committed by imigrants (don't bother telling me otherwise, all attempts were made by dark-skinned people)

Really? That's your argument?

You have a sample size of exactly two and from that you feel confident to extrapolate to all crime in the country?

After demonstrating such absurdly bad reasoning skills, why should anyone take anything else you have to say seriously?

Bigotry is innumeracy.

Re:No, it's called "Cautious."

[russotto]

The fact that [paranoia] is a medical term should tell you something about that.

That pshrinks are prejudiced against the justifiably concerned?

Simply stated, the responsibility is on developers to make sure that their creations cannot be used for nefarious purposes.

Certainly not. It's both unreasonable and impossible for them to do so.

Re:No, it's called "Cautious."

[Dr. Eggman]

When dealing with data and situations this complex? Good luck.

Just look at the example given in the article summary. There's no concievable way a developer could protect against that situation, short of not developing the technology to begin with. Sometimes, security/privacy falls to personal responsibility. Sure, that's where all the best systems go to hell, but it's just not something we can (currently) just work around. We can warn users, tell them the dangers, but when it comes right down to it: it's all about the nature of the user. If the user's nature is (right or wrong) paranoid/cautious, then we're going see less abuse than if their nature is wide open.

Re:I had TWO attemped burglaries in my life

[ultral0rd]

Strangely enough I've heard and experience the complete opposite. I've been burglarized twice in my life, and both were done by highly organised crime gangs. Sure your small time druggies are just looking for something to grab so that they can get another hit, but organised gangs will thrive on information like this, to see who is afk and who isn't. And in the end, it will be these guys who will drive away with your flat screen's and suitcases full of everything else thanks to AR. Or maybe the burglar's in South Africa are just smarter than those in Holldand

Re:No, it's called "paranoia".

[Hatta]

There's no point in uploading metadata unless it's visible. If you don't want it to be visible, don't upload it.

Sorry, but no

[Drummergeek0]

If you buy a 50" Plasma and bring it home, anyone driving by while you take it inside now knows you own a 50" Plasma and where you live. Where does it stop?

While theoretically, it is possible to figure something like this out for a robbery or something like that, the chances are incredibly slim, and nothing you do with the exception of completely unplugging and never leaving you home is going to make you completely secure. This is just fear mongering, you are at no higher risk with internet than you are with normal conversation (you tell friend 1 you just got a tv, they tell their friend that a friend of theirs just got that new TV, later on you leave on a trip and tell your friend, whose friend happens to be around/friend 1 tells, and now he can go steal your TV.) It is the nature of socializing, you are gonna give information that is innocuous by itself but when pieced together information can be used for bad deeds.

Ok, go ahead and mod flaimbait or troll now